easyrsa: default EASYRSA_OPENSSL, add installCheckPhase
This commit is contained in:
parent
311a4be96d
commit
c9b61a3205
|
@ -8,10 +8,11 @@ stdenv.mkDerivation rec {
|
||||||
owner = "OpenVPN";
|
owner = "OpenVPN";
|
||||||
repo = "easy-rsa";
|
repo = "easy-rsa";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY=";
|
hash = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
nativeBuildInputs = [ makeWrapper ];
|
||||||
|
nativeInstallCheckInputs = [ openssl.bin ];
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out/share/easy-rsa
|
mkdir -p $out/share/easy-rsa
|
||||||
|
@ -26,7 +27,7 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
# Wrap it with the correct OpenSSL binary.
|
# Wrap it with the correct OpenSSL binary.
|
||||||
wrapProgram $out/bin/easyrsa \
|
wrapProgram $out/bin/easyrsa \
|
||||||
--set EASYRSA_OPENSSL ${openssl.bin}/bin/openssl
|
--set-default EASYRSA_OPENSSL ${openssl.bin}/bin/openssl
|
||||||
|
|
||||||
# Helper utility
|
# Helper utility
|
||||||
cat > $out/bin/easyrsa-init <<EOF
|
cat > $out/bin/easyrsa-init <<EOF
|
||||||
|
@ -36,6 +37,21 @@ stdenv.mkDerivation rec {
|
||||||
chmod +x $out/bin/easyrsa-init
|
chmod +x $out/bin/easyrsa-init
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
doInstallCheck = true;
|
||||||
|
postInstallCheck = ''
|
||||||
|
set -euo pipefail
|
||||||
|
export EASYRSA_BATCH=1
|
||||||
|
export EASYRSA_PASSIN=pass:nixpkgs
|
||||||
|
export EASYRSA_PASSOUT="$EASYRSA_PASSIN"
|
||||||
|
export EASYRSA_REQ_CN='nixpkgs test CA'
|
||||||
|
export EASYRSA_KEY_SIZE=3072
|
||||||
|
export EASYRSA_ALGO=rsa
|
||||||
|
export EASYRSA_DIGEST=sha512
|
||||||
|
$out/bin/easyrsa init-pki
|
||||||
|
$out/bin/easyrsa build-ca
|
||||||
|
openssl x509 -in pki/ca.crt -noout -subject | tee /dev/stderr | grep -zq "$EASYRSA_REQ_CN"
|
||||||
|
'';
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Simple shell based CA utility";
|
description = "Simple shell based CA utility";
|
||||||
homepage = "https://openvpn.net/";
|
homepage = "https://openvpn.net/";
|
||||||
|
|
Loading…
Reference in New Issue
Block a user